Monitorama 2014: “Warm Fuzzies”

Feeling the Love:

I spent the last few days at Monitorama, self-described as an “open source monitoring conference” held in Portland this year.

First, I must say that the best aspect of the conference for me was the overall vibe. It felt like a gathering of a smart, friends-of-friends group of people that you want to get to know and bounce ideas off of. It was startlingly diverse (not just a sea of white guys — sorry, security conferences). You get to bang heads with industry “thought leaders” and renowned practitioners in a casual, unpretentious way. Monitorama is really about engineers lighting up about problems they like to think about and solve.

This is primarily due to the stellar organizers. From the beginning, Jason Dixon set the tone talking about empathy, how we engineers need to be better at that, and just generally giving people “warm fuzzies”. This resulted in a feeling of community and approachability rarely achieved at a technical conference.

It’s Not Just Ops

I expected the conference to be operations-oriented, but boy was I wrong. Not only was the speaker and attendee list diverse, it was also clear that attendees embodied a broad set of roles not confined to operations. There were engineers of all sorts present — from data scientists, software developers, and database specialists to even security folk like myself. This is also credited to the organizers, who scheduled talks that were insightful and relevant to the smart people getting things done across their engineering organizations.

However, it’s also a clear affirmation that operations has really become a team responsibility. It’s almost like developers…and operations…have joined forces… Is there a word for this, guys???

Above all, the talks were of exceptional quality. From the beginning, the keynote painted a strategic picture of the challenges in monitoring, which colored the subsequent talks and discussions. Anomaly detection was a big theme; several people were talking about tackling the problem of anomaly detection from various perspectives and with various techniques (conclusion: anomaly detection is hard).

I came back brimming with ideas! Big ideas were coupled with a lot of practical advice from seasoned veterans at the big tech companies; one could walk away from a talk with dozens of techniques and tools to apply immediately.

My Talk: “Auditing All The Things”

It’s clear that operations people are interested in the security challenges of 2014, and at a monitoring conference, the problem of security monitoring in today’s infrastructure was a topic well received. I tried to relay a bit of the defensive mindset and give context as to why continuous security monitoring is important from a non-security professional’s perspective (yep, with a risk assessment model that referenced ‘Snapchat for Pets’).

Giving this talk at Monitorama was interesting because I really believe that security is no longer a silo. Just as development and operations have converged to work together, it’s clear that development, operations and security teams are converging similarly in the near future as well. I expect to see a lot of interesting techniques that leverage devops-style automation and monitoring practices for security prevention, detection and response.

Highlights from the Audience

In a Wrap

If you want a cutting-edge vision about the challenges and solutions for cloud infrastructure, scalability, distributed systems, devops, monitoring, and detection, no need to look to the future — just attend Monitorama next year 😉

The heart of Threat Stack's innovation and product vision, Jen is passionate about designing the next generation of security tools for our modern infrastructure. Before co-founding Threat Stack, Jen worked on Mandiant's Research and Development team under Jamie Butler, developing innovative tools to analyze malware. At Symantec, she worked on the development team architecting a backend that processed tens of terabytes of security data every day, and as a security analyst in Symantec's Managed Security Services division, aimed at protecting the Fortune 500 against threats.